US20020023180A1 - Method of controlling software applications specific to a group of users - Google Patents
Method of controlling software applications specific to a group of users Download PDFInfo
- Publication number
- US20020023180A1 US20020023180A1 US09/246,351 US24635199A US2002023180A1 US 20020023180 A1 US20020023180 A1 US 20020023180A1 US 24635199 A US24635199 A US 24635199A US 2002023180 A1 US2002023180 A1 US 2002023180A1
- Authority
- US
- United States
- Prior art keywords
- action
- action item
- user
- application
- control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims description 22
- 230000009471 action Effects 0.000 claims abstract description 312
- 238000012546 transfer Methods 0.000 claims abstract description 10
- 230000009977 dual effect Effects 0.000 claims description 13
- 239000003086 colorant Substances 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 4
- 239000000758 substrate Substances 0.000 claims 2
- 230000004048 modification Effects 0.000 abstract description 3
- 238000012986 modification Methods 0.000 abstract description 3
- 239000003795 chemical substances by application Substances 0.000 description 14
- 238000012545 processing Methods 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 230000008901 benefit Effects 0.000 description 4
- 238000013461 design Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000008676 import Effects 0.000 description 3
- 230000015654 memory Effects 0.000 description 3
- 231100000136 action limit Toxicity 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000011800 void material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/048—Interaction techniques based on graphical user interfaces [GUI]
- G06F3/0481—Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2113—Multi-level security, e.g. mandatory access control
Definitions
- This invention relates generally to computer software applications providing for customized access to software applications, and more particularly to subscriber control of the customization on a user-by-user basis.
- a subscriber is an institutional software customer, such as a company
- a user is an individual (person or piece of hardware) which uses the application supplied by the subscriber.
- application users might be company employees who use an application in the course of their employment with the subscriber.
- users can customize aspects of the user interface. For example, a user may be able to customize application display colors, or print format, or data transfer rate of data transfers, or the content of pull down menus and so on.
- a method of using a software application generally includes the steps of providing an application having “action items” to a subscriber, and having the subscriber configure the “action items” with “action item values” on a user-by-user basis (or on the basis of groupings of users).
- an “action item” is any aspect of the functionality of the software application, except that “action items” do not include access to data or databases, access to portions of data or databases, ability to modify data or databases, or ability to control action item configuration or data or database modification permission.
- action items providing for control of application display colors is an example of an “action item,” while access to some specific database which can be provided by the application cannot be considered as an “action item.”
- Other examples of “action items” will be given throughout this application to help convey the concept of “action items,” but these examples are not intended to limit the definition of “action items” provided in this paragraph.
- a physical medium can be coded with a computer software application according to the present invention.
- Some exemplary physical mediums are floppy disks, hard magnetic disks, optical disks, magnetic tapes, read only memories, random access memories and so on.
- the coded software application includes application code and configuration code.
- the application code corresponds to computer instructions for executing the software application, with the application code defining at least one action item.
- the configuration code corresponds to computer instructions for configuring the computer software application with action item values the users, whereby each user's access with respect to the action item is determined by the action item value. This way, a subscriber can configure the application for each user by defining the action item values.
- the present invention relates to subscriber (institutional software customer) control, and more particularly to subscriber (institutional software customer) control effected by configuring software
- this configuration will generally be carried out by an individual or individuals who have been delegated to decide on the subscriber's configuration strategy and to actually input the desired configuration information into the appropriate computer(s). Therefore, as used herein, the term “subscriber” includes these delegated individuals.
- the delegated individuals may include third party individuals, user individuals, or individuals affiliated with the software manufacturer.
- FIG. 1 is a block diagram of an embodiment of a computer system which stores and executes an embodiment of software according to the present invention
- FIG. 2 is a levels set table used by the software of FIG. 1;
- FIG. 3 is an objects set table used by the software of FIG. 1;
- FIG. 4 is a level-objects table used by the software of FIG. 1;
- FIG. 5 is an object actions table used by the software of FIG. 1;
- FIG. 6 is an action value type set table used by the software of FIG. 1;
- FIG. 7 is an actions type table used by the software of FIG. 1;
- FIG. 8 is a main profile table used by the software of FIG. 1;
- FIG. 9 is a block diagram of a portion of the software of FIG. 1;
- FIG. 10 is a flowchart representing operations of the software of FIG. 1.
- the present invention relates generally to any kind of software which can be purchased by a first party subscriber (for example, person, company or other entity) and then used by a plurality of second party users (for example, employees of a company).
- the subscriber can set the software up differently for each of the users on an individualized basis (or on the basis of groupings of users).
- the first party can set action item values to individually control action items for each of the users.
- the action items may relate to many different parameters of the software operation, such as extent of user control of the application display, extent of user control of the data output, or extent of user control of data transfer.
- the subscriber will generally be a brokerage house which can customize the market data software for each of its broker-users.
- Each broker-user will have a set of action item values to control action items. These action items will determine various aspects of how the software will be executed for each broker-user. In this way, the subscriber can set up the software so that each broker-user can use the software in an optimal fashion according to the abilities and needs of each individual broker-user.
- FIG. 1 shows an embodiment of a computer system 100 which can be used to run the exemplary market data software according to the present invention.
- exemplary computer system 100 is a stand-alone personal computer (PC) system.
- the market data software may be operated on a computer system having one or more server computers and one or more user workstations.
- This kind of server/workstation architecture is typical in many brokerage houses.
- the server computers store data or programs which is be accessed by users (such as brokers) through individual workstations, such as PC's.
- Computer system 100 includes user PC 102 , mouse 112 , keyboard 114 , display 116 and printer 117 .
- Mouse 112 is a conventional mouse input device which is connected to provide user input to user PC 102 .
- Keyboard 114 is a conventional keyboard input device which is connected to provide user input to user PC 102 .
- Display 116 is a conventional monitor which provides a screen display, such as a cathode ray tube display or liquid crystal display, which includes an application display generated by market data software 118 and output by user PC 102 .
- Printer 117 is a conventional printer which provides a hard copy, such as a printed page of data output from user PC 102 .
- User PC 102 includes processing module 104 , storage device 106 , network card 107 (with networking software) and random access memory (RAM) 108 .
- Processing module 104 provides the data processing functions of the user PC 102 .
- Processing module 104 would include a conventional central processing unit and other conventional data processing circuitry.
- Storage device 106 provides permanent data storage.
- Storage device 106 may be, for example, a hard magnetic disk.
- RAM 108 provides temporary storage of data.
- RAM 108 may be a conventional RAM memory.
- Network card 107 can communicate with network 200 . Priority given to communications to and from network card 107 are controlled according to a variable priority level. For example if the priority value of network card 107 is set to 1 (low), then the communications may be handled as relatively low priority communications. Priority values 2 and 3 correspond respectively to medium and high priority level communications.
- Network 200 may be a public network of computers, such as the Internet, a private network of computers, such as an office intranet, or it may be a combination of these two kinds of networks.
- computer files making up the market data software package 118 are stored in storage device 106 .
- these files could be stored wholly or in part on a removable storage device, such as a CD-ROM, or on a separate server computer.
- market data software 118 is operated by a user, data related to program execution is also stored in RAM 108 .
- user profile database 120 a portion of market data software 118 called user profile database 120 will be discussed in some detail.
- User profile database 120 is created and maintained by the user profile system 122 , which is a security sub system in market data software 118 .
- user profile database 118 contains data for all users who might potentially use the user PC 102 .
- the server computer may store and maintain a user profile database for every possible user.
- One exemplary user profile system is structured as an extension to an existing policy system that was used with Quotron (now called Reuters Plus) market data software package release version 5.01.07 and earlier versions.
- the user profile system 122 is used to configure user profile database 120 to control user access parameters by the subscriber on a per user basis, In this example, each user is assigned a security level (expert, medium or novice) which corresponds to three different ways that action items are configured.
- the security level represents the extent of access privileges for groups of users as controlled by the action item configuration.
- the market data software 118 includes many “objects.” “Objects” is herein used as a generic word to refer any module (Executables, Agents or AAE Service OCXs) that is participating in the market data software 118 . Each object is identified with a unique ID called the Object ID.
- Action items are properties or attributes of an object that can be configured using user profile system 122 . Action items are the items of the object which are imposed with some sort of access control using user profile system 122 .
- Implementation of market data software 118 proceeds in three stages. First, at the design stage, action items are identified and classified and user profile system 122 is written accordingly. Second, at the subscriber configuration stage, action item values are set by the subscriber for each of the users so that the market data software 118 will operate in a customized way for each security level. Third, at the run time stage, the user operates market data software 118 , with the action item parameters being controlled according to the subscriber-set action item values for that particular user. Each of these stages is discussed in more detail below.
- the market data software will not be designed on user PC 102 , but rather will be designed by a software designer on some other machine, from where the software is copied to storage device 106 .
- the design time stage involves creation of user profile database 120 .
- Design activity involves each of the modules (objects) in the market data software 118 , as each module has to generate the parameters which are to be subscriber-controlled “action items” that will be participating in the user profile system.
- Action information is stored in the serialized files with extension “.PRO.” Each module has to provide the following pieces of information in order to generate the PRO file:
- Object ID This is an identification code (GUID) associated with the module
- Action ID Unique integer value to identify an action item for this object
- Action Desc Description of the action item. This could be name of the menu item or a particular attribute of the object, and
- Action Item Type This filed tells the type of the action item.
- Action item types are an important aspect of some embodiments of the present invention, because the use of different action items types allow different kinds of user access parameters to be efficiently handled through a single user profile system 122 .
- Each defined action item will be classified under one of the predetermined action item types.
- three types of actions are identified:
- Dual State Action Type This action type is used to represent any action item that has two states—TRUE/ENABLE and FALSE/DISABLE.
- Limit Action Type This is used to represents those properties (actions) of the object that can be best described with an upper or lower limit.
- Range Action Type This is used to represent those properties (actions) of the object that can best be described by having a lower and an upper limit.
- an action item is the “menu” action item, which is a Dual State Action Type.
- Another example is “object count” action item, which is a Limit Action Type.
- Action Purpose Description Another piece of information used in creating the .PRO file is the Action Purpose Description.
- the Action Purpose Description gives the detailed description about the action item, which is displayed in the profile editor when the subscriber selects the action item for configuration.
- the Action Purpose Description should give a clear description of the action item and its purpose.
- Another piece of information used in creating the .PRO file is the Default Value.
- the Default Values are stored under the default security level. When an object requests the profile information for an action item, but the action item is missing, then these default values are returned as the values for the action item. Values should be set with an Action Default Value and an Action Default Extra Value.
- Action Default Value if an action item is a menu item or a Dual State Action Type item, then set it as either TRUE or FALSE. If the action item is a Range Action Type item, then it is set as the default minimum range. For Limit Action Type items, the Action Default Value is ignored.
- Action Default Extra Value for Dual State Action Type items, the value set to this file is ignored.
- the Action Default Extra Value sets the default limit for the action item.
- this filed should be set to a value which will be treated as the default maximum value.
- the maximum default value (Action Default Extra Value for Range item) is set to be less than the minimum default value (Action Default Value for Range item).
- the foregoing pieces of information are maintained internally by each module and used to generate the serialized action information file with a .PRO extension.
- One example of a possible action item defined by various modules is user control of the application display colors. This may defined as a Dual State Action Type which can be configured to ENABLE (user permitted to control display colors) or DISABLE (user not permitted to control display colors).
- the subscriber After the subscriber installs the market data software 118 on user PC 102 , the subscriber uses a tool called Profile Editor to configure and update the user profile database 120 , so that each broker-user will be able to optimally operate the market data software on an individualized basis.
- a tool called Profile Editor to configure and update the user profile database 120 , so that each broker-user will be able to optimally operate the market data software on an individualized basis.
- the Profile Editor provides a graphical user interface to set action item values for each user for each of the action items. Using this tool, different security levels can be created. Interface is provided to import the action information generated by each of the modules. Using this imported action information, user profile database 120 is updated for the object of interest. The detailed control flow for user profile database 120 updates will be explained below.
- the subscriber sets an action item value for this action item as ENABLE or DISABLE for each user, depending upon whether the subscriber perceives that the particular user is talented and disciplined enough to utilize control of application display colors in a constructive manner.
- a user operates the market data software 118 , which will be controlled in accordance with the action item values set by the subscriber for the security level of the particular user.
- user profile information is requested from the user profile database 120 .
- User profile database 120 is consulted for the requested module under the security level assigned to the user.
- the user who is using the market data software 118 will be identified by entering a user identification code and a password.
- each user may have a dedicated workstation so that the workstation will have only user profile information for some predetermined user. This may make it unnecessary to use user identification codes or the like.
- user identity could be determined by conventional electronic fingerprinting, photographing, voice recognition or the like.
- User profile database 120 is used to maintain the action items values for the users.
- User profile database 120 is created using Microsoft Access 97 .
- the tables discussed directly below are defined to maintain the user profile information.
- Levels set table 300 is shown in FIG. 2. Levels set table 300 is used to maintain all currently available security levels. It has two fields, Level ID field 302 and Level Description field 304 . Level ID 302 is an integer value which uniquely identifies the security level. Level Description is a user friendly name assigned to the security level. Initially, when an empty database is created, an entry called “Default Level” is added to the database.
- objects set table 306 is used to maintain a list of the objects that are participating in user profile system 122 . In other words, this table keeps track of all objects which have associated action item parameters.
- Objects set table 306 has two fields, Object ID field 308 and Object Description field 310 .
- Object ID 308 is a Globally Unique Identifier (GUID) used to represent each object.
- Object description 310 is a user friendly name assigned to each object. When a database is created, a default entry is added to this table with the description “Default Object.”
- level-objects table 312 is used to maintain lists of objects under each security level.
- Level-objects table 312 has two fields, Level ID field 314 and Object ID field 316 .
- Object ID 316 is of the GUID for each object.
- Level ID 314 is an associated integer value uniquely identifying the security level for each object. There can be more than one object under each security level. When a database is created an entry is created in this table for the “Default Object” under the “Default Level.”
- object actions table 318 is used to maintain list of available action items under each object that participates in the user profile system 122 .
- This table has five fields: (1) Object ID 320 , (2) Action ID 322 , (3) Action Description 324 , (4) Action Purpose Description 328 and (5) Action Type ID 330 .
- Object Id 320 is the GUID used to represent each object.
- Action Id 322 is an integer uniquely identifying each action item.
- Action Description 324 is a description of each action item and is object specific.
- Action Purpose Description 328 is a clear description of the purpose served by each action item.
- Action Type Id 330 indicates the action type of action item and is indexed to an entry in the Actions Type Table discussed below.
- actions value typeset table 332 is a fixed table with three entries As explained above, in this example, three types of actions are supported based on the values they take. They are:
- Range Action Type this type supports lower and upper limit values.
- the actions value type table has two fields, Action Value Type ID field 334 and Action Value Type Description 336 .
- Action Value Type Id 334 identifies the action value type.
- Action Value Type Description 336 describes the value type, such as “Dual State,” “Limit,” or “Range”.
- actions type table 338 is a read only table with a fixed number of entries.
- the actions type table 338 is used to support more user friendly action types. This table is one level higher than actions value type table 332 .
- the idea behind introducing this table above the action value type table 332 is to categorize actions based on the purpose they serve rather than on the values they support. Entries of the action type table 338 are associated with entries in the actions value type table depending on the type of values they support.
- Actions type table 338 has three fields: (1) Action Type ID 340 , (2) Action Type Description 342 , and (3) Action Value Type ID 344 .
- Action Type ID 340 identifies an action type.
- Action Type Description 342 describes the action type in a user-friendly manner.
- Action Value Type Id 344 is an index to an entry in the action value type table 332 .
- Action types are supported as given below.
- menu item supports two possible values (ENABLE/DISABLE) in the user profile system context, it can be viewed as an action type that supports two states (that is, a Dual State Action). So the Action Value Type ID field 340 is set to 1 for menu item.
- a module has to set the action type for each of the actions it is intended to include in user profile system 122 .
- the value exported (through the .PRO file) as action type should correspond to one of the entries in this table.
- main profile table 346 is used to store action item values for a security level.
- Main profile table 346 maintains the list of action items that have been declared to be participating in the user profile system 122 by the subscriber. This is information used by the user profile system 122 when a user runs the market data software 118 .
- Main profile table 346 has five fields: (1) Level ID field 348 , (2) Object ID field 350 , (3) Action ID field 352 , (4) Action Value field 354 , and (5) Action Extra Value field 356 . Each entry in main profile table 346 corresponds to an action item with values set under an object for the security level.
- Level ID 348 corresponds to the security level to which the action items values are of interest.
- Object ID 350 identifies the module to which an action item belongs.
- Action ID 352 identifies the action item.
- Action Value 354 is a first action item value set for an action item by the subscriber. The meaning of the value set to this field depends on the action item type of the action item. For Dual State Action Type action items, Action Value 354 will be a binary value (for example ENABLE or DISABLE). For Limit Action Type Action items, the Action Value 354 is ignored. For Range Action Type action items, the Action Value 354 is set to some minimum (or maximum) value used for controlling the action item parameter.
- Action Extra Value 356 is additional information which may be required by an action item.
- the meaning of Action Extra Value 356 set to this field depends on the action item type of the action item.
- the Action Extra Value 356 is not needed.
- Limit Action Type Action items the Action Extra Value 356 is value set as a limit of the action item.
- Range Action Type action items the Action Extra Value 356 is set to some maximum value used for controlling the action item parameter.
- Action Value 354 and Action Extra Value 356 for each action item
- only a single field is used to store the value of the action item.
- an Action Item Value field could be set up to store Dual State Action Type action item values as binary numbers, to store Limit Action Type action item values as variants representing an upper or lower limit, and to store Range Action Type action item values as variants each representing both an upper and a lower limit.
- Action information about an object might change during the course of enhancements to the objects. New action items might need to be added to user profile database 120 or some of the actions might become obsolete. In order to support such changes to user profile database 120 and to safeguard the overall system after the changes are made, the concept of generation of action information by each object is utilized.
- All the objects participating in the user profile database 120 should define a set of actions that can be configured in the user profile system 122 .
- the objects should maintain full information about the action internally.
- a simple structure can be used to maintain the action information.
- An example of code for this kind of simple structure follows: typedef struct ⁇ int nActionID; char csActionDesc[MAX_ACTION_DESC_LEN]; char csPurposeDesc[MAX_ACTION_PURPOSE_DESC_LEN]; int nActionType; long nInternalRefId; // This used for internal reference in the context of the object. ⁇ ProfileActionInfo;
- a .PRO file which is a serialized file having following structure (which includes an array of CProfileInfo objects where each object holds the information about each object):
- class CProInfoArray public CobArray ⁇ virtual void Serialize(CArchive& ar) ⁇ Serialize ObjectID & Description & set of Action info, objects; ⁇ CString m_csObjecID; CString m_csObjectDesc; ⁇ ; class CProfileInfo : public CObject ⁇ int m_nActionID; C String m_csActionDesc; CString m_csPurposeDesc; int m_nActionType; void Serialize(CArchive& ar) ⁇ Serialize Action ID, Action Description & Action type ⁇ ; ⁇ ;
- .PRO files for market data software OCX's can be done with a small application that calls a specific exported function in the OCX that generates the object file. OCX name can be passed as argument to this application.
- OCX name can be passed as argument to this application.
- For generating the .PRO files for executables like navigator, provision for a command line option should be supported. When the application is executed with a particular command line option it should generate the action information file.
- the profile editor tool provides an interface for the subscriber to select a particular .PRO file and import the action information into user profile database 120 . If an object corresponding to the .PRO file is already present in user profile database 120 , then the subscriber is prompted with a message indicating that the previous action information will be replaced with the new action information and all the references to the old action information will be deleted. If subscriber agrees with that, then a new set of actions are defined under the selected object in the user profile database 120 , replacing the old action information.
- object is new to the database, then new set of actions are defined under that object.
- provision can be made to selectively import a single action item or to overwrite a single action item with a new one.
- the criteria used to check for an existing action item is the check for duplicate Action ID's (GUID).
- GUID duplicate Action ID's
- market data software 118 includes user profile database 120 , three objects 400 , 402 , 404 , QMKTDATA DLL 406 , entitlement agent 408 and comm manager 410 .
- the objects 400 , 402 , 404 When the objects 400 , 402 , 404 are created, they request entitlement agent 408 for user profile information. In doing so, the objects 400 , 402 , 404 have to provide the user's security level (that is the group of users, expert, medium or novice to which the user belongs). Objects 400 , 402 , 406 must further provide Object ID and set of action items, whose values are pertinent to the object. Once the profile information is received from entitlement agent 408 , each object 400 , 402 , 404 will configure itself according to the user profile information received.
- the user's security level that is the group of users, expert, medium or novice to which the user belongs.
- Objects 400 , 402 , 406 must further provide Object ID and set of action items, whose values are pertinent to the object.
- Entitlement agent 408 is the heart of the user profile system 122 .
- entitlement agent 408 executes a sequence of steps before sending the user profile information back to the requesting object.
- step S 1 the request for user profile information and the security level are received.
- step S 2 entitlement agent 408 checks whether the specified security level is present in the user profile database 120 .
- user profile database 120 always contains information about a security level called “Default Level.” The idea behind introducing a default level is to ensure that all objects gets some profile information upon their request to entitlement agent 408 .
- entitlement agent 408 will look for user profile information under the default security level only if the security level assigned to the user is not available in the database.
- entitlement agent 408 determines whether the object is present under the requested level. Under each level at least one object called “Default Object” will always be present. When user profile information for a particular object is not available for the requested level, then at step S 5 the default Profile information is returned as available under the “Default Object,” and processing proceeds to step S 6 .
- step S 7 it is determined whether an action item is present.
- user profile database 120 also supports the concept of default action values.
- User profile database 120 maintains default values for each type of action under each object.
- entitlement agent 408 looks for the requested action items at step S 7 .
- entitlement agent 408 checks the type of the action item and returns the default value set for that type under that object. On the other hand, if the action item is participating, then entitlement agent 408 reads the values set for this action item. At step S 10 , entitlement agent 408 returns the user profile information obtained at step S 8 or step S 9 to the requesting object.
- action item relates to the extent to which the user can control the application display portion of display 116 .
- action items can be defined to specify whether individual users (or groups of users grouped under various security levels) can control display colors or fonts of displays generated by market data software 118 .
- These action items might be, for example, Dual State Action Type action items determining whether or not users can adjust display colors or fonts.
- Another category of action items relates to the process of data transfer when executing the market data software.
- the priority value (explained above) of communications through network card 107 may be set for example as a Limit Action Type action item, where the limit represents the maximum priority which a user can assign to her data transfer communications.
- the network priority for the market data container (GUID 1) is controlled as a Limit Action Type (2).
- the subscriber has configured the Action Extra Value for this action item to 2 as the maximum limit. This means that the user can control the priority value, but cannot set the priority value to be any higher than 2. In this way, the subscriber can help ensure that only extremely important data transfers are executed at the highest priority level 3.
- Another category of action items relates to the process of data output when executing market data software 118 .
- the extent to which users can control print format of hard copy of data output through printer 117 can be controlled by the subscriber through the use of one or more appropriate action items.
- Another category of action items relates to the input devices, such as keyboard 114 and mouse 112 .
- the subscriber could configure appropriate action items to predefine the functions of various mouse 112 buttons or keyboard 114 keys.
- Another category of action items relates to aspects of the user's interface with market data software 118 .
- the content of pull down menus can be customized for each user (or each security level) using action items.
- the number of financial modules which the user can insert in the broker application environment of market data software 118 can be controlled as a Range Action Type action item where the user can define between 4 and 25 modules.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Human Computer Interaction (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
Description
- This application claims the benefit of U.S. Provisional Application No. 60/074,142 (filed Feb. 9, 1998).
- 1. Field of the Invention
- This invention relates generally to computer software applications providing for customized access to software applications, and more particularly to subscriber control of the customization on a user-by-user basis. Note that a subscriber is an institutional software customer, such as a company, and a user is an individual (person or piece of hardware) which uses the application supplied by the subscriber. For example, application users might be company employees who use an application in the course of their employment with the subscriber.
- 2. Description of the Related Art
- In some conventional software applications, such as word processing programs, web browsers and market data applications (for receiving current financial information), users can customize aspects of the user interface. For example, a user may be able to customize application display colors, or print format, or data transfer rate of data transfers, or the content of pull down menus and so on.
- One advantage of this kind of application is that a sophisticated and disciplined users can optimize their interfaces according to their individualized wants and needs. On the other hand, a disadvantage of these conventional applications is that an unsophisticated or undisciplined user might customize her user interface in a counter-productive way. This is not good for the user or for her associated subscriber.
- It is an object of at least some embodiments of the present invention to provide for subscriber control of the user interface for users associated with the subscriber. It is a feature of at least some embodiments of the present invention that a software application defines action items relating to aspects of each user's access, which action items are configured by the subscriber on a user-by-user basis. It is an advantage of at least some embodiments of the present invention that users are allowed access to aspects of the user interface on an individualized basis according to subscriber's configuration decisions.
- According to the present invention, a method of using a software application generally includes the steps of providing an application having “action items” to a subscriber, and having the subscriber configure the “action items” with “action item values” on a user-by-user basis (or on the basis of groupings of users).
- As the term is used herein, an “action item” is any aspect of the functionality of the software application, except that “action items” do not include access to data or databases, access to portions of data or databases, ability to modify data or databases, or ability to control action item configuration or data or database modification permission. To illustrate, providing for control of application display colors is an example of an “action item,” while access to some specific database which can be provided by the application cannot be considered as an “action item.” Other examples of “action items” will be given throughout this application to help convey the concept of “action items,” but these examples are not intended to limit the definition of “action items” provided in this paragraph.
- A physical medium can be coded with a computer software application according to the present invention. Some exemplary physical mediums are floppy disks, hard magnetic disks, optical disks, magnetic tapes, read only memories, random access memories and so on. The coded software application includes application code and configuration code. The application code corresponds to computer instructions for executing the software application, with the application code defining at least one action item. The configuration code corresponds to computer instructions for configuring the computer software application with action item values the users, whereby each user's access with respect to the action item is determined by the action item value. This way, a subscriber can configure the application for each user by defining the action item values.
- It is noted that while the present invention relates to subscriber (institutional software customer) control, and more particularly to subscriber (institutional software customer) control effected by configuring software, this configuration will generally be carried out by an individual or individuals who have been delegated to decide on the subscriber's configuration strategy and to actually input the desired configuration information into the appropriate computer(s). Therefore, as used herein, the term “subscriber” includes these delegated individuals. In some embodiments of the present invention, the delegated individuals may include third party individuals, user individuals, or individuals affiliated with the software manufacturer.
- The objects, advantages and features of the present invention will become more readily apparent from the following detailed description, taken together with the accompanying drawing, in which:
- FIG. 1 is a block diagram of an embodiment of a computer system which stores and executes an embodiment of software according to the present invention;
- FIG. 2 is a levels set table used by the software of FIG. 1;
- FIG. 3 is an objects set table used by the software of FIG. 1;
- FIG. 4 is a level-objects table used by the software of FIG. 1;
- FIG. 5 is an object actions table used by the software of FIG. 1;
- FIG. 6 is an action value type set table used by the software of FIG. 1;
- FIG. 7 is an actions type table used by the software of FIG. 1;
- FIG. 8 is a main profile table used by the software of FIG. 1;
- FIG. 9 is a block diagram of a portion of the software of FIG. 1; and
- FIG. 10 is a flowchart representing operations of the software of FIG. 1.
- The present invention relates generally to any kind of software which can be purchased by a first party subscriber (for example, person, company or other entity) and then used by a plurality of second party users (for example, employees of a company). According to the present invention, the subscriber can set the software up differently for each of the users on an individualized basis (or on the basis of groupings of users). More particularly, the first party can set action item values to individually control action items for each of the users. The action items may relate to many different parameters of the software operation, such as extent of user control of the application display, extent of user control of the data output, or extent of user control of data transfer.
- Below, the present invention will be explained in terms of an exemplary embodiment of a market data software package for providing current and historical financial information to brokers. In this example, the subscriber will generally be a brokerage house which can customize the market data software for each of its broker-users. Each broker-user will have a set of action item values to control action items. These action items will determine various aspects of how the software will be executed for each broker-user. In this way, the subscriber can set up the software so that each broker-user can use the software in an optimal fashion according to the abilities and needs of each individual broker-user.
- FIG. 1 shows an embodiment of a
computer system 100 which can be used to run the exemplary market data software according to the present invention. For the sake of simplicity,exemplary computer system 100 is a stand-alone personal computer (PC) system. However, in some preferred embodiments, the market data software may be operated on a computer system having one or more server computers and one or more user workstations. This kind of server/workstation architecture is typical in many brokerage houses. The server computers store data or programs which is be accessed by users (such as brokers) through individual workstations, such as PC's. -
Computer system 100 includes user PC 102, mouse 112,keyboard 114,display 116 andprinter 117. Mouse 112 is a conventional mouse input device which is connected to provide user input to user PC 102. Keyboard 114 is a conventional keyboard input device which is connected to provide user input to user PC 102.Display 116 is a conventional monitor which provides a screen display, such as a cathode ray tube display or liquid crystal display, which includes an application display generated bymarket data software 118 and output by user PC 102.Printer 117 is a conventional printer which provides a hard copy, such as a printed page of data output from user PC 102. -
User PC 102 includesprocessing module 104,storage device 106, network card 107 (with networking software) and random access memory (RAM) 108.Processing module 104 provides the data processing functions of theuser PC 102.Processing module 104 would include a conventional central processing unit and other conventional data processing circuitry.Storage device 106 provides permanent data storage.Storage device 106 may be, for example, a hard magnetic disk.RAM 108 provides temporary storage of data.RAM 108 may be a conventional RAM memory. -
Network card 107 can communicate withnetwork 200. Priority given to communications to and fromnetwork card 107 are controlled according to a variable priority level. For example if the priority value ofnetwork card 107 is set to 1 (low), then the communications may be handled as relatively low priority communications. Priority values 2 and 3 correspond respectively to medium and high priority level communications.Network 200 may be a public network of computers, such as the Internet, a private network of computers, such as an office intranet, or it may be a combination of these two kinds of networks. - As shown in FIG. 1, computer files making up the market
data software package 118 are stored instorage device 106. Alternatively, these files could be stored wholly or in part on a removable storage device, such as a CD-ROM, or on a separate server computer. Whenmarket data software 118 is operated by a user, data related to program execution is also stored inRAM 108. Below, a portion ofmarket data software 118 calleduser profile database 120 will be discussed in some detail. -
User profile database 120 is created and maintained by theuser profile system 122, which is a security sub system inmarket data software 118. In this example,user profile database 118 contains data for all users who might potentially use theuser PC 102. In embodiments where there is a server computer, the server computer may store and maintain a user profile database for every possible user. - One exemplary user profile system is structured as an extension to an existing policy system that was used with Quotron (now called Reuters Plus) market data software package release version 5.01.07 and earlier versions. The
user profile system 122 is used to configureuser profile database 120 to control user access parameters by the subscriber on a per user basis, In this example, each user is assigned a security level (expert, medium or novice) which corresponds to three different ways that action items are configured. The security level represents the extent of access privileges for groups of users as controlled by the action item configuration. - Alternatively, all action item values could be uniquely configured for each and every user. While this alternative scheme allows greater flexibility, grouping users into a few different security levels makes it much less time consuming for the subscriber to configure
user profile system 122 when there are a great multitude of users. This is because each user merely needs to be assigned a single security level for predetermined access, rather than being configured for custom settings with respect to every action item. - The
market data software 118 includes many “objects.” “Objects” is herein used as a generic word to refer any module (Executables, Agents or AAE Service OCXs) that is participating in themarket data software 118. Each object is identified with a unique ID called the Object ID. Action items (defined above) are properties or attributes of an object that can be configured usinguser profile system 122. Action items are the items of the object which are imposed with some sort of access control usinguser profile system 122. - Implementation of
market data software 118 proceeds in three stages. First, at the design stage, action items are identified and classified anduser profile system 122 is written accordingly. Second, at the subscriber configuration stage, action item values are set by the subscriber for each of the users so that themarket data software 118 will operate in a customized way for each security level. Third, at the run time stage, the user operatesmarket data software 118, with the action item parameters being controlled according to the subscriber-set action item values for that particular user. Each of these stages is discussed in more detail below. - 1. Design Stage
- Generally, the market data software will not be designed on
user PC 102, but rather will be designed by a software designer on some other machine, from where the software is copied tostorage device 106. The design time stage involves creation ofuser profile database 120. Design activity involves each of the modules (objects) in themarket data software 118, as each module has to generate the parameters which are to be subscriber-controlled “action items” that will be participating in the user profile system. - Generation of the action items information for a module will now be described. Action information is stored in the serialized files with extension “.PRO.” Each module has to provide the following pieces of information in order to generate the PRO file:
- Object ID: This is an identification code (GUID) associated with the module,
- Object Description: Name of the object, and
- Array of Action Items: This contains following information:
- Action ID: Unique integer value to identify an action item for this object,
- Action Desc: Description of the action item. This could be name of the menu item or a particular attribute of the object, and
- Action Item Type: This filed tells the type of the action item.
- Action item types are an important aspect of some embodiments of the present invention, because the use of different action items types allow different kinds of user access parameters to be efficiently handled through a single
user profile system 122. Each defined action item will be classified under one of the predetermined action item types. In this exemplary embodiment, three types of actions are identified: - (1) Dual State Action Type: This action type is used to represent any action item that has two states—TRUE/ENABLE and FALSE/DISABLE.
- (2) Limit Action Type: This is used to represents those properties (actions) of the object that can be best described with an upper or lower limit.
- (3) Range Action Type: This is used to represent those properties (actions) of the object that can best be described by having a lower and an upper limit.
- Apart from these types of actions more generic action types can be defined.
- One example of an action item is the “menu” action item, which is a Dual State Action Type. Another example is “object count” action item, which is a Limit Action Type.
- Another piece of information used in creating the .PRO file is the Action Purpose Description. The Action Purpose Description gives the detailed description about the action item, which is displayed in the profile editor when the subscriber selects the action item for configuration. The Action Purpose Description should give a clear description of the action item and its purpose.
- Another piece of information used in creating the .PRO file is the Default Value. The Default Values are stored under the default security level. When an object requests the profile information for an action item, but the action item is missing, then these default values are returned as the values for the action item. Values should be set with an Action Default Value and an Action Default Extra Value.
- With respect to the Action Default Value, if an action item is a menu item or a Dual State Action Type item, then set it as either TRUE or FALSE. If the action item is a Range Action Type item, then it is set as the default minimum range. For Limit Action Type items, the Action Default Value is ignored.
- With respect to the Action Default Extra Value, for Dual State Action Type items, the value set to this file is ignored. For Limit Action Types items, the Action Default Extra Value sets the default limit for the action item. For Range Action Type action items, this filed should be set to a value which will be treated as the default maximum value. Preferably, the maximum default value (Action Default Extra Value for Range item) is set to be less than the minimum default value (Action Default Value for Range item).
- The foregoing pieces of information are maintained internally by each module and used to generate the serialized action information file with a .PRO extension. One example of a possible action item defined by various modules is user control of the application display colors. This may defined as a Dual State Action Type which can be configured to ENABLE (user permitted to control display colors) or DISABLE (user not permitted to control display colors).
- 2. Subscriber Configuration Stage
- After the subscriber installs the
market data software 118 onuser PC 102, the subscriber uses a tool called Profile Editor to configure and update theuser profile database 120, so that each broker-user will be able to optimally operate the market data software on an individualized basis. - The Profile Editor provides a graphical user interface to set action item values for each user for each of the action items. Using this tool, different security levels can be created. Interface is provided to import the action information generated by each of the modules. Using this imported action information,
user profile database 120 is updated for the object of interest. The detailed control flow foruser profile database 120 updates will be explained below. - Returning to the exemplary action item relating to user control of application display colors, the subscriber sets an action item value for this action item as ENABLE or DISABLE for each user, depending upon whether the subscriber perceives that the particular user is talented and disciplined enough to utilize control of application display colors in a constructive manner.
- It is noted that user control of application display colors (as well as other action items) may be restricted for somewhat subtle reasons. For example, some financial information may be necessarily displayed in a predetermined color which cannot be changed. In this case, if a user set the ambient background color of the application display to be the same as the predetermined color, then the information in the predetermined color would not be visible in the application display. Clearly, this would be a problem because the user would miss information, and might not even be aware that the hidden information was not being visibly displayed.
- 3. Run Time Stage
- At this stage, a user operates the
market data software 118, which will be controlled in accordance with the action item values set by the subscriber for the security level of the particular user. When a module is started, user profile information is requested from theuser profile database 120.User profile database 120 is consulted for the requested module under the security level assigned to the user. - Preferably, the user who is using the
market data software 118 will be identified by entering a user identification code and a password. However, there are other ways to make sure that the correct user profile information is consulted for the user. For example, each user may have a dedicated workstation so that the workstation will have only user profile information for some predetermined user. This may make it unnecessary to use user identification codes or the like. As another alternative, user identity could be determined by conventional electronic fingerprinting, photographing, voice recognition or the like. - Now that the three stages of action item implementation have been described, various tables used to information related to action items and action item values will be described in more detail. For the sake of simplicity, the tables of this example will be have information for only a few users, objects, action items, and so on. Actual tables may be much larger to accommodate all of the necessary action item related information.
User profile database 120 is used to maintain the action items values for the users.User profile database 120 is created using Microsoft Access 97. The tables discussed directly below are defined to maintain the user profile information. - Levels set table300 is shown in FIG. 2. Levels set table 300 is used to maintain all currently available security levels. It has two fields,
Level ID field 302 andLevel Description field 304.Level ID 302 is an integer value which uniquely identifies the security level. Level Description is a user friendly name assigned to the security level. Initially, when an empty database is created, an entry called “Default Level” is added to the database. - As shown in FIG. 3, objects set table306 is used to maintain a list of the objects that are participating in
user profile system 122. In other words, this table keeps track of all objects which have associated action item parameters. Objects set table 306 has two fields,Object ID field 308 andObject Description field 310.Object ID 308 is a Globally Unique Identifier (GUID) used to represent each object.Object description 310 is a user friendly name assigned to each object. When a database is created, a default entry is added to this table with the description “Default Object.” - As shown in FIG. 4, level-objects table312 is used to maintain lists of objects under each security level. Level-objects table 312 has two fields,
Level ID field 314 andObject ID field 316.Object ID 316 is of the GUID for each object.Level ID 314 is an associated integer value uniquely identifying the security level for each object. There can be more than one object under each security level. When a database is created an entry is created in this table for the “Default Object” under the “Default Level.” - As shown in FIG. 5, object actions table318 is used to maintain list of available action items under each object that participates in the
user profile system 122. This table has five fields: (1)Object ID 320, (2)Action ID 322, (3)Action Description 324, (4)Action Purpose Description 328 and (5)Action Type ID 330.Object Id 320 is the GUID used to represent each object.Action Id 322 is an integer uniquely identifying each action item.Action Description 324 is a description of each action item and is object specific.Action Purpose Description 328 is a clear description of the purpose served by each action item.Action Type Id 330 indicates the action type of action item and is indexed to an entry in the Actions Type Table discussed below. - As shown in FIG. 6, actions value typeset table332 is a fixed table with three entries As explained above, in this example, three types of actions are supported based on the values they take. They are:
- (1) Dual State Actions—this type supports Boolean values, such as ENABLE or DISABLE,
- (2) Limits Type Actions—this type supports an upper limit value, and
- (3) Range Action Type—this type supports lower and upper limit values.
- The actions value type table has two fields, Action Value
Type ID field 334 and ActionValue Type Description 336. ActionValue Type Id 334 identifies the action value type. ActionValue Type Description 336 describes the value type, such as “Dual State,” “Limit,” or “Range”. - As shown in FIG. 7, actions type table338 is a read only table with a fixed number of entries. The actions type table 338 is used to support more user friendly action types. This table is one level higher than actions value type table 332. The idea behind introducing this table above the action value type table 332 is to categorize actions based on the purpose they serve rather than on the values they support. Entries of the action type table 338 are associated with entries in the actions value type table depending on the type of values they support.
- Actions type table338 has three fields: (1)
Action Type ID 340, (2)Action Type Description 342, and (3) ActionValue Type ID 344.Action Type ID 340 identifies an action type.Action Type Description 342 describes the action type in a user-friendly manner. ActionValue Type Id 344 is an index to an entry in the action value type table 332. - In this example, five entries (action types) are supported as given below. As menu item supports two possible values (ENABLE/DISABLE) in the user profile system context, it can be viewed as an action type that supports two states (that is, a Dual State Action). So the Action Value
Type ID field 340 is set to 1 for menu item. - If new action types are identified which have a general meaning for more than one module, then a further entry can be added to the actions type table338. For example, an action type called “Max Instance” could be added as another action type if this action type is used in more than one module. On the other hand, if this type of action makes sense only in the context of one module (Object), then it can be described with the action type “Generic Limit Action” (Action Type ID=4). As described above, a module has to set the action type for each of the actions it is intended to include in
user profile system 122. The value exported (through the .PRO file) as action type should correspond to one of the entries in this table. - As shown in FIG. 8, main profile table346 is used to store action item values for a security level. Main profile table 346 maintains the list of action items that have been declared to be participating in the
user profile system 122 by the subscriber. This is information used by theuser profile system 122 when a user runs themarket data software 118. - Main profile table346 has five fields: (1)
Level ID field 348, (2)Object ID field 350, (3)Action ID field 352, (4)Action Value field 354, and (5) ActionExtra Value field 356. Each entry in main profile table 346 corresponds to an action item with values set under an object for the security level. -
Level ID 348 corresponds to the security level to which the action items values are of interest.Object ID 350 identifies the module to which an action item belongs.Action ID 352 identifies the action item. -
Action Value 354 is a first action item value set for an action item by the subscriber. The meaning of the value set to this field depends on the action item type of the action item. For Dual State Action Type action items,Action Value 354 will be a binary value (for example ENABLE or DISABLE). For Limit Action Type Action items, theAction Value 354 is ignored. For Range Action Type action items, theAction Value 354 is set to some minimum (or maximum) value used for controlling the action item parameter. -
Action Extra Value 356 is additional information which may be required by an action item. The meaning ofAction Extra Value 356 set to this field depends on the action item type of the action item. For Dual State Action type action items, theAction Extra Value 356 is not needed. For Limit Action Type Action items, theAction Extra Value 356 is value set as a limit of the action item. For Range Action Type action items, theAction Extra Value 356 is set to some maximum value used for controlling the action item parameter. - Although the embodiment discussed in detail herein includes two fields,
Action Value 354 andAction Extra Value 356, for each action item, in many preferred embodiments of the present invention, only a single field is used to store the value of the action item. For example, an Action Item Value field could be set up to store Dual State Action Type action item values as binary numbers, to store Limit Action Type action item values as variants representing an upper or lower limit, and to store Range Action Type action item values as variants each representing both an upper and a lower limit. - Now generation of an action information file (.PRO file) will be described Action information about an object might change during the course of enhancements to the objects. New action items might need to be added to
user profile database 120 or some of the actions might become obsolete. In order to support such changes touser profile database 120 and to safeguard the overall system after the changes are made, the concept of generation of action information by each object is utilized. - All the objects participating in the
user profile database 120 should define a set of actions that can be configured in theuser profile system 122. The objects should maintain full information about the action internally. A simple structure can be used to maintain the action information. An example of code for this kind of simple structure follows: typedef struct{ int nActionID; char csActionDesc[MAX_ACTION_DESC_LEN]; char csPurposeDesc[MAX_ACTION_PURPOSE_DESC_LEN]; int nActionType; long nInternalRefId; // This used for internal reference in the context of the object. } ProfileActionInfo; - As an example, entries appropriate to an application could be provided as shown in the following code:
ProfileActionInfo ProfileInfo[ ] = { {1, “File New”, “A menu item to create a new Nav Document”, ACTION_MENUITEM, ID_FILE_NEW}, {2, “File Open”, “A menu item to open an existing Nav Document”, ACTION_MENUITEM, ID_FILE_OPEN}, {3, “File Print”, “Provision to print a Nav document”, ACTION_MENUITEM, ID_FILE_PRINT}, {4, “File Exit”, “Provision to exit Navigator through menu option”, ACTION_MENUITEM, ID_APP_EXIT}, {5, “Edit”, “Enable or disable the entire editing functionality”, ACTION_MENUITEM, ID_POPUP}, {6, “Insert”, “Provision to insert AAE services or any Ole Objects & to create add new navigator pages”, ACTION_MENUITEM, ID_POPUP}, {7, “Move Item”, “Ability to move any object in the navigator. If it is set to FALSE, objects cannot be moved inside the Navigator.”, ACTION_DUALSTATE, ID_PROP_MOVE_ITEM}, {8, “Resize Item”, “Ability to resize the objects in the navigator. If it is set to FALSE, objects cannot be resized inside the Navigator.”, ACTION_DUALSTATE, ID_PROP_RESIZE ITEM}, {9, “Objects per Page”, “This sets a limit as to how many objects can be inserted in to a Navigator page”, ACTION_LIMIT, ID_PROP_OBJECTS_PER_PAGE}, {10, “Max. Pages”, “This sets a limit as what is the maximum number of pages that can be added to a navigator document”, ACTION_LIMIT, ID_PROP_MAX_PAGES}, {11, “Max Objects”, “This is the total number of objects that are allowed to present in the navigator page”. ACTION_OBJECT_COUNT, ID_PROP_MAX_OBJECTS}, {12, “Rename Pages”, “Ability to rename a page item”, ACTION_MENUITEM, ID_RENAME_PAGE} }; - Using this information the objects generate a .PRO file which is a serialized file having following structure (which includes an array of CProfileInfo objects where each object holds the information about each object):
- class CProInfoArray: public CobArray
{ virtual void Serialize(CArchive& ar) {Serialize ObjectID & Description & set of Action info, objects; } CString m_csObjecID; CString m_csObjectDesc; }; class CProfileInfo : public CObject { int m_nActionID; C String m_csActionDesc; CString m_csPurposeDesc; int m_nActionType; void Serialize(CArchive& ar) {Serialize Action ID, Action Description & Action type}; }; - The generation of .PRO files for market data software OCX's can be done with a small application that calls a specific exported function in the OCX that generates the object file. OCX name can be passed as argument to this application. For generating the .PRO files for executables, like navigator, provision for a command line option should be supported. When the application is executed with a particular command line option it should generate the action information file.
- The profile editor tool provides an interface for the subscriber to select a particular .PRO file and import the action information into
user profile database 120. If an object corresponding to the .PRO file is already present inuser profile database 120, then the subscriber is prompted with a message indicating that the previous action information will be replaced with the new action information and all the references to the old action information will be deleted. If subscriber agrees with that, then a new set of actions are defined under the selected object in theuser profile database 120, replacing the old action information. - If object is new to the database, then new set of actions are defined under that object. In some embodiments according to the present invention, provision can be made to selectively import a single action item or to overwrite a single action item with a new one. The criteria used to check for an existing action item is the check for duplicate Action ID's (GUID). Each object in its internal profile information structure defines the Action ID's.
- Now control flow in the run time components stage will be discussed with reference to FIG. 9. As shown in FIG. 9,
market data software 118 includesuser profile database 120, threeobjects QMKTDATA DLL 406,entitlement agent 408 andcomm manager 410. - When the
objects entitlement agent 408 for user profile information. In doing so, theobjects Objects entitlement agent 408, eachobject -
Entitlement agent 408 is the heart of theuser profile system 122. When a request for user profile information is received from an object,entitlement agent 408 executes a sequence of steps before sending the user profile information back to the requesting object. - These steps are explained below with reference to the flow chart of FIG. 10. At step S1, the request for user profile information and the security level are received. At step S2,
entitlement agent 408 checks whether the specified security level is present in theuser profile database 120. As explained above,user profile database 120 always contains information about a security level called “Default Level.” The idea behind introducing a default level is to ensure that all objects gets some profile information upon their request toentitlement agent 408. - At step S3,
entitlement agent 408 will look for user profile information under the default security level only if the security level assigned to the user is not available in the database. - At step
S4 entitlement agent 408 determines whether the object is present under the requested level. Under each level at least one object called “Default Object” will always be present. When user profile information for a particular object is not available for the requested level, then at step S5 the default Profile information is returned as available under the “Default Object,” and processing proceeds to step S6. - At step S7 it is determined whether an action item is present. Apart from default level and default objects,
user profile database 120 also supports the concept of default action values.User profile database 120 maintains default values for each type of action under each object. When an object request for the user profile information for a set of action item,entitlement agent 408 looks for the requested action items at step S7. - If an action item is not declared to be participating in the user profile system for that object under a given security level, then at step
S8 entitlement agent 408 checks the type of the action item and returns the default value set for that type under that object. On the other hand, if the action item is participating, thenentitlement agent 408 reads the values set for this action item. At step S10,entitlement agent 408 returns the user profile information obtained at step S8 or step S9 to the requesting object. - In order to more fully illustrate the concept of an action item (defined above) some exemplary kinds of action items will now be discussed. However, these examples should not be used to limit the definition of the term “action item.”
- One category of action item relates to the extent to which the user can control the application display portion of
display 116. For example, action items can be defined to specify whether individual users (or groups of users grouped under various security levels) can control display colors or fonts of displays generated bymarket data software 118. These action items might be, for example, Dual State Action Type action items determining whether or not users can adjust display colors or fonts. - Another category of action items relates to the process of data transfer when executing the market data software. For example, the priority value (explained above) of communications through
network card 107 may be set for example as a Limit Action Type action item, where the limit represents the maximum priority which a user can assign to her data transfer communications. - As shown in FIG. 5, the network priority for the market data container (GUID 1) is controlled as a Limit Action Type (2). As shown in FIG. 8, the subscriber has configured the Action Extra Value for this action item to 2 as the maximum limit. This means that the user can control the priority value, but cannot set the priority value to be any higher than 2. In this way, the subscriber can help ensure that only extremely important data transfers are executed at the
highest priority level 3. - Another category of action items relates to the process of data output when executing
market data software 118. For example, the extent to which users can control print format of hard copy of data output throughprinter 117 can be controlled by the subscriber through the use of one or more appropriate action items. - Another category of action items relates to the input devices, such as
keyboard 114 and mouse 112. For example, the subscriber could configure appropriate action items to predefine the functions of various mouse 112 buttons orkeyboard 114 keys. - Another category of action items relates to aspects of the user's interface with
market data software 118. For example, the content of pull down menus can be customized for each user (or each security level) using action items. - Also, as shown in FIGS. 5 and 8, the number of financial modules which the user can insert in the broker application environment of
market data software 118 can be controlled as a Range Action Type action item where the user can define between 4 and 25 modules. The greater the number of modules that a user inserts, the greater the demands on computer system resources and on communication bandwidth. Therefore, the number of modules allowed each user can be an important area for subscriber restrictions on the extent user control, because the subscriber can most accurately judge the relative needs of various users and can most fairly distribute limited system resources. - Certain preferred embodiments have been described above. It is likely that there are modifications and improvements to these embodiments which are within the literal scope or are equivalents of the claims which follow.
Claims (20)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/246,351 US6513111B2 (en) | 1998-02-09 | 1999-02-08 | Method of controlling software applications specific to a group of users |
PCT/US1999/002709 WO1999040502A1 (en) | 1998-02-09 | 1999-02-09 | Method of controlling software applications specific to a group of users |
AU26641/99A AU2664199A (en) | 1998-02-09 | 1999-02-09 | Method of controlling software applications specific to a group of users |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US7414298P | 1998-02-09 | 1998-02-09 | |
US09/246,351 US6513111B2 (en) | 1998-02-09 | 1999-02-08 | Method of controlling software applications specific to a group of users |
Publications (2)
Publication Number | Publication Date |
---|---|
US20020023180A1 true US20020023180A1 (en) | 2002-02-21 |
US6513111B2 US6513111B2 (en) | 2003-01-28 |
Family
ID=26755299
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/246,351 Expired - Lifetime US6513111B2 (en) | 1998-02-09 | 1999-02-08 | Method of controlling software applications specific to a group of users |
Country Status (3)
Country | Link |
---|---|
US (1) | US6513111B2 (en) |
AU (1) | AU2664199A (en) |
WO (1) | WO1999040502A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020029300A1 (en) * | 1999-07-29 | 2002-03-07 | Fujitsu Limited | Object collaboration apparatus using message type |
US20070234411A1 (en) * | 2004-12-27 | 2007-10-04 | Takashi Nakamura | System, Method and Program for Changing Item Name Notation and Master Table Contents by Login Id Control |
US20100122179A1 (en) * | 2007-04-26 | 2010-05-13 | Takashi Nakamura | Visual cabinet system for data display method using its system |
US20150205977A1 (en) * | 2014-01-14 | 2015-07-23 | Baker Hughes Incorporated | Compartment-based data security |
US10255307B2 (en) * | 2016-06-29 | 2019-04-09 | International Business Machines Corporation | Database object management for a shared pool of configurable computing resources |
US10657113B2 (en) | 2014-01-14 | 2020-05-19 | Baker Hughes, A Ge Company, Llc | Loose coupling of metadata and actual data |
Families Citing this family (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6490290B1 (en) * | 1998-12-30 | 2002-12-03 | Cisco Technology, Inc. | Default internet traffic and transparent passthrough |
US6785822B1 (en) * | 1999-09-16 | 2004-08-31 | International Business Machines Corporation | System and method for role based dynamic configuration of user profiles |
KR100394827B1 (en) * | 1999-12-22 | 2003-08-21 | 엘지전자 주식회사 | Program and data down loading method for restating processor of mobile communication exchage system |
US6868450B1 (en) | 2000-05-17 | 2005-03-15 | Hewlett-Packard Development Company, L.P. | System and method for a process attribute based computer network filter |
GB0014325D0 (en) * | 2000-06-12 | 2000-08-02 | Koninkl Philips Electronics Nv | Computer profile update system |
US7333952B1 (en) | 2000-06-23 | 2008-02-19 | Ebs Group Limited | Compound order handling in an anonymous trading system |
US7184982B1 (en) | 2000-06-23 | 2007-02-27 | Ebs Group Limited | Architecture for anonymous trading system |
US7827085B1 (en) | 2000-06-23 | 2010-11-02 | Ebs Group Limited | Conversational dealing in an anonymous trading system |
US6983259B1 (en) | 2000-06-23 | 2006-01-03 | Ebs Group Limited | Anonymous trading system |
US6941353B1 (en) * | 2000-06-29 | 2005-09-06 | Auran Holdings Pty Ltd | E-commerce system and method relating to program objects |
US6866587B1 (en) | 2000-09-25 | 2005-03-15 | Auran Holdings Pty Ltd. | Wide area real-time software environment |
US6788313B1 (en) * | 2000-09-28 | 2004-09-07 | International Business Machines Corporation | Method and apparatus for providing on line help for custom application interfaces |
CA2361966A1 (en) * | 2000-10-30 | 2002-04-30 | Syner-Seis Technologies Inc. | System for managing oil and gas exploration and production data and related transactions |
EP1205843A3 (en) * | 2000-11-13 | 2004-10-20 | Canon Kabushiki Kaisha | User interfaces |
US20060041555A1 (en) * | 2001-05-31 | 2006-02-23 | Blessin Stephen W | System and method for implementing security on a database |
US8261095B1 (en) | 2001-11-01 | 2012-09-04 | Google Inc. | Methods and systems for using derived user accounts |
US20030114175A1 (en) * | 2001-12-10 | 2003-06-19 | Exton Glenn Andrew | Computing device with functional profiles |
US20030163510A1 (en) * | 2002-02-28 | 2003-08-28 | Bob Janssen | Method of administering user access to application programs on a computer system |
JP4196584B2 (en) * | 2002-03-18 | 2008-12-17 | 富士機械製造株式会社 | Circuit board manufacturing apparatus having management adjustment mode protection function and operation method thereof |
US6976023B2 (en) | 2002-04-23 | 2005-12-13 | International Business Machines Corporation | System and method for managing application specific privileges in a content management system |
US7284265B2 (en) | 2002-04-23 | 2007-10-16 | International Business Machines Corporation | System and method for incremental refresh of a compiled access control table in a content management system |
US7272550B2 (en) | 2002-04-23 | 2007-09-18 | International Business Machines Corporation | System and method for configurable binding of access control lists in a content management system |
US7308580B2 (en) | 2002-04-23 | 2007-12-11 | International Business Machines Corporation | System and method for ensuring security with multiple authentication schemes |
US7191469B2 (en) * | 2002-05-13 | 2007-03-13 | Green Border Technologies | Methods and systems for providing a secure application environment using derived user accounts |
EP1525522A2 (en) | 2002-06-06 | 2005-04-27 | Green Border Technologies | Method and system for implementing a secure application execution environment using derived user accounts for internet content |
EP1475686A1 (en) * | 2003-04-14 | 2004-11-10 | Matsushita Electric Industrial Co., Ltd. | Device, method and program for multiple user access management |
CN1868190B (en) * | 2003-08-12 | 2012-04-04 | 捷讯研究有限公司 | System and method of indicating the strength of encryption |
US7861181B2 (en) * | 2003-08-29 | 2010-12-28 | International Business Machines Corporation | Autonomic user interface widgets |
US8028236B2 (en) * | 2003-10-17 | 2011-09-27 | International Business Machines Corporation | System services enhancement for displaying customized views |
US7503067B2 (en) * | 2004-02-02 | 2009-03-10 | Toshiba Corporation | Preset security levels |
US20090288147A1 (en) * | 2004-02-02 | 2009-11-19 | Michael Yeung | System and method for modifying security functions of an associated document processing device |
US7392397B2 (en) * | 2004-04-06 | 2008-06-24 | International Business Machines Corporation | Security and analysis system |
WO2005109284A2 (en) * | 2004-05-03 | 2005-11-17 | Trintuition Llc | Apparatus and method for creating and using documents in a distributed computing network |
US7958161B2 (en) * | 2004-11-30 | 2011-06-07 | Siebel Systems, Inc. | Methods and apparatuses for providing hosted tailored vertical applications |
US20070226031A1 (en) * | 2004-11-30 | 2007-09-27 | Manson Nicholas R | Methods and apparatuses for grouped option specification |
US7841011B2 (en) * | 2004-11-30 | 2010-11-23 | Siebel Systems, Inc. | Methods and apparatuses for tiered option specification |
US8751328B2 (en) * | 2004-11-30 | 2014-06-10 | Siebel Systems, Inc. | Methods and apparatuses for providing provisioned access control for hosted tailored vertical applications |
US20070028291A1 (en) * | 2005-07-29 | 2007-02-01 | Bit 9, Inc. | Parametric content control in a network security system |
US8272058B2 (en) * | 2005-07-29 | 2012-09-18 | Bit 9, Inc. | Centralized timed analysis in a network security system |
US7895651B2 (en) * | 2005-07-29 | 2011-02-22 | Bit 9, Inc. | Content tracking in a network security system |
US8984636B2 (en) * | 2005-07-29 | 2015-03-17 | Bit9, Inc. | Content extractor and analysis system |
US20070118804A1 (en) * | 2005-11-16 | 2007-05-24 | Microsoft Corporation | Interaction model assessment, storage and distribution |
US8295486B2 (en) | 2007-09-28 | 2012-10-23 | Research In Motion Limited | Systems, devices, and methods for outputting alerts to indicate the use of a weak hash function |
CN101989198A (en) * | 2009-07-31 | 2011-03-23 | 国际商业机器公司 | User feedback method and system for client customization of service suite |
US9767268B2 (en) | 2011-04-20 | 2017-09-19 | International Business Machines Corporation | Optimizing a compiled access control table in a content management system |
JP6775282B2 (en) * | 2015-04-28 | 2020-10-28 | 株式会社フジ医療器 | Controller and massage machine |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5115501A (en) * | 1988-11-04 | 1992-05-19 | International Business Machines Corporation | Procedure for automatically customizing the user interface of application programs |
US5263165A (en) * | 1990-02-15 | 1993-11-16 | International Business Machines Corporation | System for providing user access control within a distributed data processing system having multiple resource managers |
GB9115142D0 (en) * | 1991-07-13 | 1991-08-28 | Ibm | Data processing system |
US5675746A (en) | 1992-09-30 | 1997-10-07 | Marshall; Paul S. | Virtual reality generator for use with financial information |
US5432934A (en) | 1993-07-26 | 1995-07-11 | Gensym Corporation | Access restrictions as a means of configuring a user interface and making an application secure |
US5454039A (en) | 1993-12-06 | 1995-09-26 | International Business Machines Corporation | Software-efficient pseudorandom function and the use thereof for encryption |
US5774879A (en) * | 1993-12-27 | 1998-06-30 | First Data Corporation | Automated financial instrument processing system |
US5644686A (en) * | 1994-04-29 | 1997-07-01 | International Business Machines Corporation | Expert system and method employing hierarchical knowledge base, and interactive multimedia/hypermedia applications |
AU3415595A (en) * | 1994-10-04 | 1996-04-26 | Banctec, Inc. | An object-oriented computer environment and related method |
US5897635A (en) * | 1995-06-07 | 1999-04-27 | International Business Machines Corp. | Single access to common user/application information |
US6014137A (en) * | 1996-02-27 | 2000-01-11 | Multimedia Adventures | Electronic kiosk authoring system |
US6144959A (en) * | 1997-08-18 | 2000-11-07 | Novell, Inc. | System and method for managing user accounts in a communication network |
-
1999
- 1999-02-08 US US09/246,351 patent/US6513111B2/en not_active Expired - Lifetime
- 1999-02-09 WO PCT/US1999/002709 patent/WO1999040502A1/en active Application Filing
- 1999-02-09 AU AU26641/99A patent/AU2664199A/en not_active Abandoned
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020029300A1 (en) * | 1999-07-29 | 2002-03-07 | Fujitsu Limited | Object collaboration apparatus using message type |
US7584252B2 (en) * | 1999-07-29 | 2009-09-01 | Fujitsu Limited | Object collaboration apparatus using message type |
US20070234411A1 (en) * | 2004-12-27 | 2007-10-04 | Takashi Nakamura | System, Method and Program for Changing Item Name Notation and Master Table Contents by Login Id Control |
US20100122179A1 (en) * | 2007-04-26 | 2010-05-13 | Takashi Nakamura | Visual cabinet system for data display method using its system |
US20150205977A1 (en) * | 2014-01-14 | 2015-07-23 | Baker Hughes Incorporated | Compartment-based data security |
US10242222B2 (en) * | 2014-01-14 | 2019-03-26 | Baker Hughes, A Ge Company, Llc | Compartment-based data security |
US10657113B2 (en) | 2014-01-14 | 2020-05-19 | Baker Hughes, A Ge Company, Llc | Loose coupling of metadata and actual data |
US11030334B2 (en) | 2014-01-14 | 2021-06-08 | Baker Hughes, A Ge Company, Llc | Compartment-based data security |
US10255307B2 (en) * | 2016-06-29 | 2019-04-09 | International Business Machines Corporation | Database object management for a shared pool of configurable computing resources |
Also Published As
Publication number | Publication date |
---|---|
WO1999040502A1 (en) | 1999-08-12 |
US6513111B2 (en) | 2003-01-28 |
AU2664199A (en) | 1999-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6513111B2 (en) | Method of controlling software applications specific to a group of users | |
AU757061B2 (en) | System and method for selectively defining access to application features | |
US6279030B1 (en) | Dynamic JAVA™ class selection and download based on changeable attributes | |
US6065012A (en) | System and method for displaying and manipulating user-relevant data | |
US7310653B2 (en) | Method, system, and product for maintaining software objects during database upgrade | |
US6785822B1 (en) | System and method for role based dynamic configuration of user profiles | |
US8301590B2 (en) | Custom caching | |
CN100461096C (en) | Dynamic registry partitioning | |
JP5305581B2 (en) | Method, portal, and computer program for exchanging portlet configuration data | |
US6253217B1 (en) | Active properties for dynamic document management system configuration | |
US6606627B1 (en) | Techniques for managing resources for multiple exclusive groups | |
US9501790B2 (en) | Method and system for service-enablement gateway and its service portal | |
US6327628B1 (en) | Portal server that provides a customizable user Interface for access to computer networks | |
EP1412846B1 (en) | Method and system for management of multiple network resources | |
US20030084401A1 (en) | Efficient web page localization | |
US9015290B2 (en) | Enhanced network adapter framework | |
US20030051226A1 (en) | System and method for multiple level architecture by use of abstract application notation | |
US20180018301A1 (en) | Centralized field rendering system and method | |
US20080195622A1 (en) | Service provisioning system | |
US20030079051A1 (en) | Method and system for the internationalization of computer programs employing graphical user interface | |
US20020080200A1 (en) | Method and apparatus for implementing a web application | |
US6115039A (en) | Processes and apparatuses for creating non-native displays on a computer | |
CN102289730A (en) | Graphic showing system and method for group customer relation management | |
US8185562B2 (en) | Business object browser for business query language | |
US5884311A (en) | Method and system for dynamically configuring a relational database |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: REUTERS, LTD., ENGLAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KLIMCZAK, JAREK;CHANDRA, VIPIN;REEL/FRAME:013562/0825 Effective date: 19990205 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
FPAY | Fee payment |
Year of fee payment: 12 |
|
AS | Assignment |
Owner name: THOMSON REUTERS GLOBAL RESOURCES, SWITZERLAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:REUTERS LIMITED;REEL/FRAME:035925/0966 Effective date: 20150626 |
|
AS | Assignment |
Owner name: THOMSON REUTERS GLOBAL RESOURCES UNLIMITED COMPANY Free format text: CHANGE OF NAME;ASSIGNOR:THOMSON REUTERS GLOBAL RESOURCES;REEL/FRAME:044270/0242 Effective date: 20161121 |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA Free format text: SECURITY AGREEMENT;ASSIGNOR:THOMSON REUTERS (GRC) INC.;REEL/FRAME:047185/0215 Effective date: 20181001 Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH Free format text: SECURITY AGREEMENT;ASSIGNOR:THOMSON REUTERS (GRC) INC.;REEL/FRAME:047185/0215 Effective date: 20181001 |
|
AS | Assignment |
Owner name: DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT, NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNOR:THOMSON REUTERS (GRC) INC.;REEL/FRAME:047187/0316 Effective date: 20181001 Owner name: DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AG Free format text: SECURITY AGREEMENT;ASSIGNOR:THOMSON REUTERS (GRC) INC.;REEL/FRAME:047187/0316 Effective date: 20181001 |
|
AS | Assignment |
Owner name: THOMSON REUTERS (GRC) INC., NEW YORK Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:THOMSON REUTERS GLOBAL RESOURCES UNLIMITED COMPANY;REEL/FRAME:047909/0874 Effective date: 20181126 |
|
AS | Assignment |
Owner name: THOMSON REUTERS (GRC) LLC, NEW YORK Free format text: CHANGE OF NAME;ASSIGNOR:THOMSON REUTERS (GRC) INC.;REEL/FRAME:048553/0148 Effective date: 20181201 |
|
AS | Assignment |
Owner name: REFINITIV US ORGANIZATION LLC, NEW YORK Free format text: CHANGE OF NAME;ASSIGNOR:THOMSON REUTERS (GRC) LLC;REEL/FRAME:048676/0110 Effective date: 20190228 |
|
AS | Assignment |
Owner name: REFINITIV US ORGANIZATION LLC (F/K/A THOMSON REUTERS (GRC) INC.), NEW YORK Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:DEUTSCHE BANK TRUST COMPANY AMERICAS, AS NOTES COLLATERAL AGENT;REEL/FRAME:055174/0811 Effective date: 20210129 Owner name: REFINITIV US ORGANIZATION LLC (F/K/A THOMSON REUTERS (GRC) INC.), NEW YORK Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:055174/0836 Effective date: 20210129 |